urlscan.io logo urlscan.io
SecurityTrails logo

folkia.no Open in urlscan Pro
52.214.7.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/aHR0cHM6Ly90cmFjay5hZHRyYWN0aW9u...
Effective URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F...
Submission: On December 14 via manual from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 7 countries across 13 domains to perform 25 HTTP transactions. The main IP is 52.214.7.229, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is folkia.no.
TLS certificate: Issued by Amazon on August 18th 2020. Valid for: a year.
This is the only time folkia.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.38.117.120 (France)

ASN16276 (OVH, FR)
PTR: dumm.fi
mouse.takethisemail.com
1    13.48.168.251 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-48-168-251.eu-north-1.compute.amazonaws.com
track.adtraction.com
1    52.214.7.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-7-229.eu-west-1.compute.amazonaws.com
folkia.no
7    13.224.195.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-64.fra2.r.cloudfront.net
di1ayey5e6wxt.cloudfront.net
3    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    104.111.224.160 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-160.deploy.static.akamaitechnologies.com
c1.rfihub.net
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    162.247.242.18 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
1    193.0.160.128 (Netherlands)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
1    193.0.160.129 (Netherlands)

ASN54312 (ROCKETFUEL, US)
20765588p.rfihub.com
Domain Requested by
7 di1ayey5e6wxt.cloudfront.net folkia.no
di1ayey5e6wxt.cloudfront.net
4 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com folkia.no
www.googletagmanager.com
2 bam.nr-data.net js-agent.newrelic.com
folkia.no
1 20765588p.rfihub.com c1.rfihub.net
1 a.rfihub.com c1.rfihub.net
1 stats.g.doubleclick.net folkia.no
1 c1.rfihub.net mouse.takethisemail.com
1 js-agent.newrelic.com folkia.no
1 fonts.googleapis.com di1ayey5e6wxt.cloudfront.net
1 www.googletagmanager.com folkia.no
1 folkia.no
1 track.adtraction.com 1 redirects
1 mouse.takethisemail.com
25 14

This site contains no links.

Subject Issuer Validity Valid
mouse.takethisemail.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-01 -
2021-11-29		 a year crt.sh
folkia.no
Amazon		 2020-08-18 -
2021-09-17		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-23 -
2021-05-07		 6 months crt.sh
*.rfihub.net
DigiCert SHA2 Secure Server CA		 2020-04-01 -
2021-07-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Frame ID: 7DC02B497F4CA9684168E86981147467
Requests: 24 HTTP requests in this frame

Frame: https://20765588p.rfihub.com/ca.html?rfiidc=1871597490234164236&rfiaid=cbb18648082f437fbcedfc6abf3a54e4&ver=9&rb=30288&ca=20765588&_o=30288&_t=20765588&pe=https%3A%2F%2Ffolkia.no%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D8E654213EF88744B737A574B618F55DFF541B35A&pf=https%3A%2F%2Fmouse.takethisemail.com%2Fcampaign%2Fclicked%2FNTk3ODk2Nzc%253D__MTQ1__NzE2MTg5Mg%253D%253D__MzA%253D%2FaHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%2523%2523YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx%3Fc%3D59789677&ra=6227960855201162
Frame ID: 898BD726D4820A1F3ACED2D5AFF3EB0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/aHR0cHM6Ly90... Page URL
  2. https://track.adtraction.com/t/t?a=754455607&as=1553731866&t=2&tk=1 HTTP 302
    https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

25
Requests

100 %
HTTPS

40 %
IPv6

13
Domains

14
Subdomains

14
IPs

7
Countries

2560 kB
Transfer

2704 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/aHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%23%23YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx?c=59789677 Page URL
  2. https://track.adtraction.com/t/t?a=754455607&as=1553731866&t=2&tk=1 HTTP 302
    https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
aHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%23%23YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx
mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/ 		117 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/aHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%23%23YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx?c=59789677
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.38.117.120 , France, ASN16276 (OVH, FR),
Reverse DNS
dumm.fi
Software
Apache /
Resource Hash
a7fe6c6aee503ba59a1a8f692766c301acb8345056fddd5e14a660e7f82857aa

Request headers

Host
mouse.takethisemail.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 08:34:12 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request Cookie set /
folkia.no/
Redirect Chain
  • https://track.adtraction.com/t/t?a=754455607&as=1553731866&t=2&tk=1
  • https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
33 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.7.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-7-229.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
16268716fcbbaa513938b4336846b57256e314e995b8d7a90288868105327fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
folkia.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/aHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%23%23YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx?c=59789677
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/aHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%23%23YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx?c=59789677

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Type
text/html; charset=utf-8
Date
Mon, 14 Dec 2020 08:34:13 GMT
ETag
"d7005aa6a6776600c53c7bad8b84fba3"
Set-Cookie
_folkiano_session=BAh7CEkiD3Nlc3Npb25faWQGOgZFVEkiJThjMWI3MGZiNDJiNmYwODAxNDQ3ZDFmMTk2OGQ3NGUzBjsAVEkiCmZvcmNlBjsARkl1OglUaW1lDcgtHoB94daICjoNbmFub19udW1pAqUDOg1uYW5vX2RlbmkGOg1zdWJtaWNybyIHkzA6C29mZnNldGkAOgl6b25lSSIIVVRDBjsARkkiEF9jc3JmX3Rva2VuBjsARkkiMTRHQXhSN0taTXI0NDRPeFl1SkpSWnM4ZEtNWjM1OUNacGMvTUlidm1FUXM9BjsARg%3D%3D--6e8ebd2a99c2d3a1e3f715f77693268d0006e978; path=/; secure; HttpOnly
Strict-Transport-Security
max-age=31536000
X-Rack-Cache
miss
X-Request-Id
6ddf45850cd32682d910bbb5227fbdb4
X-Runtime
0.074145
X-UA-Compatible
IE=Edge,chrome=1
Content-Length
33638
Connection
keep-alive

Redirect headers

X-TraceId
86c854d4-ebb5-4847-873c-c7ed069c6a6d
Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Access-Control-Allow-Origin
*
Set-Cookie
at_gd=8E654213EF88744B737A574B618F55DFF541B35A; Max-Age=94608000; Path=/; Domain=track.adtraction.com; SameSite=None; Secure
Location
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Transfer-Encoding
chunked
Date
Mon, 14 Dec 2020 08:34:12 GMT
Connection
close
application-ade11d6c9fc4f69f1d0be7a9914b785e.css
di1ayey5e6wxt.cloudfront.net/assets/ 		199 KB
200 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
Requested by
Host: folkia.no
URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-64.fra2.r.cloudfront.net
Software
/
Resource Hash
3a1c1a5dac2ce470b408ff2efebcd00d05df6be0ec62bc902b11d77a61678a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Dec 2020 12:25:06 GMT
Via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
X-Content-Digest
f24a498442fb245fe72af4b5cf1841f380f9a8d2
Last-Modified
Wed, 02 Dec 2020 12:16:01 GMT
Age
72547
Strict-Transport-Security
max-age=31536000
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Content-Length
203770
X-Amz-Cf-Id
cdQF99OkVDDO2u7G5I5jd3X6qhDXHFWHuf9xLTAPUsqeUhUvH-pI-Q==
X-Rack-Cache
stale, invalid, store
modernizr.custom-07cdd846d9479141366fe100b09eb45c.js
di1ayey5e6wxt.cloudfront.net/assets/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://di1ayey5e6wxt.cloudfront.net/assets/modernizr.custom-07cdd846d9479141366fe100b09eb45c.js
Requested by
Host: folkia.no
URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-64.fra2.r.cloudfront.net
Software
/
Resource Hash
5f1f197aa35c0d654f8fd2cf7f0993476e8f324f5dea63ccae9a4804bf905d6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
X-Content-Digest
0e3e8b2c588eea4d13dff0b4feececc96a9788a7
Last-Modified
Fri, 25 Sep 2020 09:22:35 GMT
Age
10417
Date
Mon, 14 Dec 2020 05:40:36 GMT
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Content-Length
8875
X-Amz-Cf-Id
ytqe6YM1Col3PRWPEdq_e7yKz15BvCcUzDbZO3pIAO88Xe78ETzdig==
X-Rack-Cache
stale, valid, store
application-c56cc46c2b3038926e7b4025506fcd54.js
di1ayey5e6wxt.cloudfront.net/assets/ 		431 KB
431 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://di1ayey5e6wxt.cloudfront.net/assets/application-c56cc46c2b3038926e7b4025506fcd54.js
Requested by
Host: folkia.no
URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-64.fra2.r.cloudfront.net
Software
/
Resource Hash
b2e68f7c26f73a949ae91766d5b381e45b4705062bb1a123c3ea99df47851a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 05:44:22 GMT
Via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
X-Content-Digest
aa5c6c914e934e034485bdf0ea218618c655fbc2
Last-Modified
Wed, 02 Dec 2020 12:16:01 GMT
Age
10191
Strict-Transport-Security
max-age=31536000
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Content-Length
441201
X-Amz-Cf-Id
4jbIbSyHAVHZhW74X-adIFQvLgxftmOYgeLqMqU8wV6P852lxrfDrQ==
X-Rack-Cache
stale, valid, store
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: folkia.no
URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6263
date
Mon, 14 Dec 2020 06:49:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 14 Dec 2020 08:49:50 GMT
gtm.js
www.googletagmanager.com/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5CBNFCL
Requested by
Host: folkia.no
URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1726b3535c5ba4963a9e4a43de21441d371789d418cbf7019fd1a4dcd0452a1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 08:34:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34003
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Dec 2020 08:34:13 GMT
css
fonts.googleapis.com/ 		9 KB
947 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Merriweather:400,700
Requested by
Host: di1ayey5e6wxt.cloudfront.net
URL: https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a330682294173f843ebd54b44157f0573a7d9de55899e611c9378c8af0e72a6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 08:34:13 GMT
server
ESF
date
Mon, 14 Dec 2020 08:34:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Dec 2020 08:34:13 GMT
u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v22/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Merriweather:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://folkia.no
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Merriweather:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Dec 2020 12:31:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:10:13 GMT
server
sffe
age
590582
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12256
x-xss-protection
0
expires
Tue, 07 Dec 2021 12:31:11 GMT
brand_white-10bfbbbf7dca548e78e9db526079a75c.svg
di1ayey5e6wxt.cloudfront.net/assets/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di1ayey5e6wxt.cloudfront.net/assets/brand_white-10bfbbbf7dca548e78e9db526079a75c.svg
Requested by
Host: di1ayey5e6wxt.cloudfront.net
URL: https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-64.fra2.r.cloudfront.net
Software
/
Resource Hash
e893254beeb8ac46e6984e0c2c47a01ed07d9d3078c0546b47bc8c5ddf8c3982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
4192
X-Content-Digest
d74f258ff5a311b2b4893f6e9a5359b39394d4b1
Last-Modified
Wed, 02 Dec 2020 12:16:02 GMT
Date
Mon, 14 Dec 2020 08:34:13 GMT
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
9FWLDzg3CZm4usbFhKRQSb65xePjqrSVU2wJv9mXaE6ByPHt5NBGdQ==
X-Rack-Cache
stale, valid, store
background-folkefinans-balloon-55b3ac5a437e4c2d09f9ca323d417b80.jpg
di1ayey5e6wxt.cloudfront.net/assets/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di1ayey5e6wxt.cloudfront.net/assets/background-folkefinans-balloon-55b3ac5a437e4c2d09f9ca323d417b80.jpg
Requested by
Host: di1ayey5e6wxt.cloudfront.net
URL: https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-64.fra2.r.cloudfront.net
Software
/
Resource Hash
8b2e5ce9ec3fe3c651688b0dbce31755f9c4c507abef82aa02b6a3404773d61b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 05:44:22 GMT
Via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
X-Content-Digest
c56654514b39e936978e62e4f8ca003033add610
Last-Modified
Fri, 25 Sep 2020 09:22:35 GMT
Age
10190
Strict-Transport-Security
max-age=31536000
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Content-Length
1711025
X-Amz-Cf-Id
wBKAHSRAjjboEznSPXggTyblkla3ZX4Ci10UvAOzns4KZf73BLZlvg==
X-Rack-Cache
stale, invalid, store
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Merriweather:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://folkia.no
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Merriweather:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 19:41:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
391956
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 09 Dec 2021 19:41:37 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Merriweather:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://folkia.no
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Merriweather:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 13:46:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
154069
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sun, 12 Dec 2021 13:46:24 GMT
folkia-e32ea447552458037645c5a201f87a9f.woff
di1ayey5e6wxt.cloudfront.net/assets/oslo/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://di1ayey5e6wxt.cloudfront.net/assets/oslo/folkia-e32ea447552458037645c5a201f87a9f.woff
Requested by
Host: di1ayey5e6wxt.cloudfront.net
URL: https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-64.fra2.r.cloudfront.net
Software
/
Resource Hash
7cc939bc1d7ebef85fcdbf5e8274735b8084c9db08bf2d68d93f24fb3cacec66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://folkia.no
Referer
https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Dec 2020 19:06:34 GMT
Via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
Age
48459
X-Cache
Hit from cloudfront
Access-Control-Allow-Methods
GET
Connection
keep-alive
Content-Length
78472
X-Content-Digest
e94e2e22f76188e55ad70bc76304d3bcddc1867a
Last-Modified
Wed, 02 Dec 2020 12:16:01 GMT
Access-Control-Max-Age
3628800
Strict-Transport-Security
max-age=31536000
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA2-C1
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
0M2TVedyvfyaZcRDpbv3CUPmX0jeTp5MsN0wRJnjkpv4Mzc1-NFLRw==
X-Rack-Cache
stale, valid, store
folkiano-793768828422e4bd73c698e8b264d72b.woff
di1ayey5e6wxt.cloudfront.net/assets/ 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://di1ayey5e6wxt.cloudfront.net/assets/folkiano-793768828422e4bd73c698e8b264d72b.woff
Requested by
Host: di1ayey5e6wxt.cloudfront.net
URL: https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-64.fra2.r.cloudfront.net
Software
/
Resource Hash
4abf1e62bc9d190d007e911231e46566bfd739a8f6ff0faadc5bb59e70589654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://folkia.no
Referer
https://di1ayey5e6wxt.cloudfront.net/assets/application-ade11d6c9fc4f69f1d0be7a9914b785e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 01:51:32 GMT
Via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
Age
24161
X-Cache
Hit from cloudfront
Access-Control-Allow-Methods
GET
Connection
keep-alive
Content-Length
2396
X-Content-Digest
36c26bfff535c7d56ba9b76e76e494edcd625a1a
Last-Modified
Wed, 02 Dec 2020 12:16:01 GMT
Access-Control-Max-Age
3628800
Strict-Transport-Security
max-age=31536000
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA2-C1
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
5U6Xch_U1R0vJzkJo3KmKUOXiWjzA4ocZ8AmVqaPCElwd3SyFZexQw==
X-Rack-Cache
stale, valid, store
mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Merriweather:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://folkia.no
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Merriweather:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 01:36:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:44 GMT
server
sffe
age
111477
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9192
x-xss-protection
0
expires
Mon, 13 Dec 2021 01:36:16 GMT
nr-1184.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: folkia.no
URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 08:34:14 GMT
content-encoding
gzip
x-amz-request-id
A21809B1C987C063
x-cache
HIT
content-length
10624
x-amz-id-2
5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by
cache-hhn4021-HHN
last-modified
Mon, 28 Sep 2020 16:34:45 GMT
server
AmazonS3
x-timer
S1607934854.172586,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
34777
collect
www.google-analytics.com/j/ 		2 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1754019833&t=pageview&_s=1&dl=https%3A%2F%2Ffolkia.no%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D8E654213EF88744B737A574B618F55DFF541B35A&dr=https%3A%2F%2Fmouse.takethisemail.com%2Fcampaign%2Fclicked%2FNTk3ODk2Nzc%253D__MTQ1__NzE2MTg5Mg%253D%253D__MzA%253D%2FaHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%2523%2523YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx%3Fc%3D59789677&ul=en-us&de=UTF-8&dt=Folkia%20-%20sms%20l%C3%A5n%2C%20forbruksl%C3%A5n%20p%C3%A5%20dagen%2C%20l%C3%A5ne%20penger%2C%20l%C3%A5n%20uten%20sikkerhet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1862689691&gjid=190842323&cid=1817358632.1607934854&tid=UA-26231029-1&_gid=2044180873.1607934854&_r=1&gtm=2wgbu05CBNFCL&z=596212035
Requested by
Host: folkia.no
URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Dec 2020 08:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://folkia.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CBNFCL
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6264
date
Mon, 14 Dec 2020 06:49:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 14 Dec 2020 08:49:50 GMT
tc.min.js
c1.rfihub.net/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: mouse.takethisemail.com
URL: https://mouse.takethisemail.com/campaign/clicked/NTk3ODk2Nzc%3D__MTQ1__NzE2MTg5Mg%3D%3D__MzA%3D/aHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%23%23YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx?c=59789677
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.224.160 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-160.deploy.static.akamaitechnologies.com
Software
Jetty(9.0.6.v20130930) /
Resource Hash
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Dec 2020 08:34:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Nov 2020 07:07:45 GMT
Server
Jetty(9.0.6.v20130930)
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
6375
Expires
Mon, 14 Dec 2020 09:34:14 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-26231029-1&cid=1817358632.1607934854&jid=1862689691&gjid=190842323&_gid=2044180873.1607934854&_u=aEDAAEAAAAAAAC~&z=1413621600
Requested by
Host: folkia.no
URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 14 Dec 2020 08:34:14 GMT
content-type
text/plain
access-control-allow-origin
https://folkia.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
47c519667b
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/47c519667b?a=2753319&v=1184.ab39b52&to=cg5XRxFXWFwARBYTV10CVl4GF11eAVNB&rst=1153&ck=1&ref=https://folkia.no/&ap=75&be=551&fe=1075&dc=880&af=err,xhr&perf=%7B%22timing%22:%7B%22of%22:1607934853034,%22n%22:0,%22f%22:207,%22dn%22:207,%22dne%22:250,%22c%22:250,%22s%22:267,%22ce%22:386,%22rq%22:386,%22rp%22:536,%22rpe%22:543,%22dl%22:542,%22di%22:880,%22ds%22:880,%22de%22:923,%22dc%22:1075,%22l%22:1075,%22le%22:1076%7D,%22navigation%22:%7B%7D%7D&fp=855&fcp=855&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
idr.js
a.rfihub.com/ 		83 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.rfihub.com/idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash
5652818afab440b2d8fc9b31949689f71633e220f425970491d04d2777ab915f

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
public, max-age=33696000
Content-Type
application/javascript
Server
Jetty(9.0.6.v20130930)
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
83
Expires
Sat, 08 Jan 2022 08:34:14 GMT
Cookie set ca.html
20765588p.rfihub.com/ Frame 898B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://20765588p.rfihub.com/ca.html?rfiidc=1871597490234164236&rfiaid=cbb18648082f437fbcedfc6abf3a54e4&ver=9&rb=30288&ca=20765588&_o=30288&_t=20765588&pe=https%3A%2F%2Ffolkia.no%2F%3Futm_source%3Dadtraction%26utm_medium%3Dcpa%26utm_campaign%3Dadtraction%26at_gd%3D8E654213EF88744B737A574B618F55DFF541B35A&pf=https%3A%2F%2Fmouse.takethisemail.com%2Fcampaign%2Fclicked%2FNTk3ODk2Nzc%253D__MTQ1__NzE2MTg5Mg%253D%253D__MzA%253D%2FaHR0cHM6Ly90cmFjay5hZHRyYWN0aW9uLmNvbS90L3Q%2523%2523YT0zRDc1NDQ1NTYwNyZhcz0zRDE1NTM3MzE4NjYmdD0zRDImdGs9M0Qx%3Fc%3D59789677&ra=6227960855201162
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host
20765588p.rfihub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDAyNjE0MzEyNhPiM9QNyihJNUyrdErzcDcCAA2fRwwlAAAA; rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDAyNjE0MzEyNhPiM9QNyihJNUyrdErzcDeS4jU0MzC3NDaxMDUxNjYHAJDO8ws0AAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAJvFyGtoZmBuaWxiYWpiamiwCo1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4SunwWVfwuNv4kVzTxuNP-g8RcJo_IfofEBMhPe_0ABAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 8 Jan 2022 08:34:14 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDAyNjE0MzEyNhPiM9QNyihJNUyrdErzcDcCAA2fRwwlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDAyNjE0MzEyNhPiM9QNyihJNUyrdErzcDeS4jU0MzC3NDaxMDUxNjYHAJDO8ws0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 8 Jan 2022 08:34:14 GMT; Secure; SameSite=None
Cache-Control
no-cache
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Server
Jetty(9.0.6.v20130930)
47c519667b
bam.nr-data.net/events/1/ 		24 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/47c519667b?a=2753319&v=1184.ab39b52&to=cg5XRxFXWFwARBYTV10CVl4GF11eAVNB&rst=11152&ck=1&ref=https://folkia.no/
Requested by
Host: folkia.no
URL: https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://folkia.no/?utm_source=adtraction&utm_medium=cpa&utm_campaign=adtraction&at_gd=8E654213EF88744B737A574B618F55DFF541B35A
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://folkia.no
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| html5 object| Modernizr function| yepnope object| I18n object| _base object| handlebars object| errorProps function| $ function| jQuery object| jQuery110109453927044209458 object| Folkia function| Spinner object| Handlebars object| SecondLevelDomains function| URI function| Cookies object| google_tag_manager function| _rfi function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP

5 Cookies

Domain/Path Name / Value
folkia.no/ Name: at_gd
Value: 8E654213EF88744B737A574B618F55DFF541B35A
.folkia.no/ Name: _gat_UA-26231029-1
Value: 1
.folkia.no/ Name: _gid
Value: GA1.2.2044180873.1607934854
.folkia.no/ Name: _ga
Value: GA1.2.1817358632.1607934854
folkia.no/ Name: _folkiano_session
Value: BAh7CEkiD3Nlc3Npb25faWQGOgZFVEkiJThjMWI3MGZiNDJiNmYwODAxNDQ3ZDFmMTk2OGQ3NGUzBjsAVEkiCmZvcmNlBjsARkl1OglUaW1lDcgtHoB94daICjoNbmFub19udW1pAqUDOg1uYW5vX2RlbmkGOg1zdWJtaWNybyIHkzA6C29mZnNldGkAOgl6b25lSSIIVVRDBjsARkkiEF9jc3JmX3Rva2VuBjsARkkiMTRHQXhSN0taTXI0NDRPeFl1SkpSWnM4ZEtNWjM1OUNacGMvTUlidm1FUXM9BjsARg%3D%3D--6e8ebd2a99c2d3a1e3f715f77693268d0006e978

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20765588p.rfihub.com
a.rfihub.com
bam.nr-data.net
c1.rfihub.net
di1ayey5e6wxt.cloudfront.net
folkia.no
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
mouse.takethisemail.com
stats.g.doubleclick.net
track.adtraction.com
www.google-analytics.com
www.googletagmanager.com
104.111.224.160
13.224.195.64
13.48.168.251
151.101.114.110
162.247.242.18
193.0.160.128
193.0.160.129
2a00:1450:4001:809::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:820::2008
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9a
52.214.7.229
54.38.117.120
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
16268716fcbbaa513938b4336846b57256e314e995b8d7a90288868105327fff
1726b3535c5ba4963a9e4a43de21441d371789d418cbf7019fd1a4dcd0452a1e
3a1c1a5dac2ce470b408ff2efebcd00d05df6be0ec62bc902b11d77a61678a61
4abf1e62bc9d190d007e911231e46566bfd739a8f6ff0faadc5bb59e70589654
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5652818afab440b2d8fc9b31949689f71633e220f425970491d04d2777ab915f
5f1f197aa35c0d654f8fd2cf7f0993476e8f324f5dea63ccae9a4804bf905d6c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7cc939bc1d7ebef85fcdbf5e8274735b8084c9db08bf2d68d93f24fb3cacec66
8b2e5ce9ec3fe3c651688b0dbce31755f9c4c507abef82aa02b6a3404773d61b
a330682294173f843ebd54b44157f0573a7d9de55899e611c9378c8af0e72a6f
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a7fe6c6aee503ba59a1a8f692766c301acb8345056fddd5e14a660e7f82857aa
b2e68f7c26f73a949ae91766d5b381e45b4705062bb1a123c3ea99df47851a5b
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
e893254beeb8ac46e6984e0c2c47a01ed07d9d3078c0546b47bc8c5ddf8c3982